Avast WEBforum

Other => General Topics => Topic started by: RejZoR on September 01, 2004, 01:36:53 PM

Title: Dual layer firewall system :)
Post by: RejZoR on September 01, 2004, 01:36:53 PM
I just established a very powerful firewall system.
Its especially interesting for all those that think that Windows firewall is unsecure because it lacks outbound protection and are searching for low overhead firewall.

Here is the solution :)

Outpost 1.0 + Windows Firewall (i use SP2 ICF)

Outpost has certain problems with Stealthing ports but provides program control and outbound protection,Windows Firewall provides great inbound protection and incredible port Stealthing capability.
When using these two together you get incredible dual layer protection with minimal possible overhead.
Also there is no communications problems,because eMule runs with High Id (communications are not limited in any way),also all other programs run without problems.

You can get Outpost 1.0 Free here:
www.agnitum.com
Title: Re:Dual layer firewall system :)
Post by: whocares on September 01, 2004, 01:40:45 PM
I got a quadruple layer protection
- Kerio
- www.ntsvcfg.de
- windowsupdates
- Brain 1.x
 ;D ;D ;) ;)
Title: Re:Dual layer firewall system :)
Post by: Eddy on September 01, 2004, 01:42:07 PM
Better is a router/hardware firewall and a software one on the comp. ;D

Even better is puling the connection plug out ;D ;D ;D

ps: ICF isn't in SP2, it is called Windows Firewall.
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 01, 2004, 01:48:28 PM
I know,i was just to lazy to write full name. But we all know what ICF means :P

I'd use Kerio instead,but its far from being so light on resources as Outpost is and its lame with application rules,because it asks for each and every different IP/Port even if the same application (already Allowed) tries to connect.
Title: Re:Dual layer firewall system :)
Post by: whocares on September 01, 2004, 01:51:05 PM
it asks for each and every different IP/Port even if the same application (already Allowed) tries to connect.

Imho even with Kerio 4.x, you can set/edit the application-rule to include all IP's/ports, right .. ?

 ???
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 01, 2004, 01:56:15 PM
As far as i was testing Kerio,not. But i can be wrong...
Title: Re:Dual layer firewall system :)
Post by: Staind on September 01, 2004, 06:19:54 PM
Is outbound really that important though? I mean, if you run frequent trojan scanners, anti virus, etc. and have something blocking inbound (WinFirewall) I think you should be ok.
Title: Re:Dual layer firewall system :)
Post by: DavidR on September 01, 2004, 08:36:23 PM
Unless you can 100% guarantee your system will not catch a new trojan infection, then it is prudent to have outbound protection.

After all do you want to take the risk of your username/password, account details, etc. in the hands of some fraudsters/criminals organisation, don't wory about outbound protection.
Title: Re:Dual layer firewall system :)
Post by: lee20 on September 01, 2004, 11:05:09 PM
2 things

1) i thought if you have 2 firewalls, they conflict?

2) Why have 2 when u can just get  in/outbound protection firewall all in one.

--lee
Title: Re:Dual layer firewall system :)
Post by: KezzerDrix on September 01, 2004, 11:06:40 PM
Rejzor, why not just use windows firewall and an appwall?  Like one of the ones I listed here

http://forum.avast.com/index.php?board=1;action=display;threadid=6858

Low overhead, no probs with p2p's

Just curious?
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 02, 2004, 02:56:03 PM
@lee16
After some tests i found out that Windows Firewall has the best inbound protection of all firewalls. Especially in field of Stealthing ports where Kerio fails. Outpost Firewall 1.0 has some problems with inbound,but it has a good outbound protection and provides max info possible for all connections that go through machine.

I can track where did some program connected,through which port/protocol,i can track all FTP/HTTP/HTTPS URLs,track sent/recived data for each program.

These two firewalls certanly work together,because all ports are Stelthed at all times,programs always ask for outbound and it can also detect changes in program. There was also no conflicts with any program that i use,so i can say its works perfectly.
Title: Re:Dual layer firewall system :)
Post by: bob3160 on September 02, 2004, 06:34:00 PM
RejZoR
Does the Windows Firewall beat ZA on inbound stealth and protection?
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 02, 2004, 08:00:12 PM
Inbound is the same i belive. ZA has never had any Stealthing problems.
Title: Re:Dual layer firewall system :)
Post by: lee20 on September 02, 2004, 08:40:37 PM
How do you rate syagate's inbound protection compared to ZA and Windows firewall.

In fact would you say the outbound is just as good as outpost/ZA aswell?

--lee
Title: Re:Dual layer firewall system :)
Post by: CharleyO on September 03, 2004, 10:39:38 AM
*
from RejZoR
Quote
Inbound is the same i belive. ZA has never had any Stealthing problems.


So, if ZA stealths inbound so well and has outbound protection, what more is needed? Why make it more complicated than need be?    ???  

*
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 03, 2004, 01:59:25 PM
P2P. ZA is death to such applications. And its memory usage while using P2P is enormous.
Title: Re:Dual layer firewall system :)
Post by: bob3160 on September 03, 2004, 02:43:42 PM
RejZoR
I'm using ZA with ICQ, MSN Messenger and Yahoo Messenger without problems. I don't know about the resource issue.
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 03, 2004, 03:19:24 PM
These are Instant Messagers and not P2P software (altough they do connect in the P2P way,but this is not the issue).
P2P software uses hundreds of connections which kills the ZA as they kill cheap hardware routers/firewalls.
Title: Re:Dual layer firewall system :)
Post by: bob3160 on September 03, 2004, 03:30:40 PM
RejZoR
Quote
P2P software uses hundreds of connections which kills the ZA as they kill cheap hardware routers/firewalls.
The only one in that catagory that I've ever used was Shareaza and I've never experience any prob. with it.
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 03, 2004, 03:36:55 PM
I was talking about eMule. ZA rejects amjority of connections and gathers huge garbage leak in its modules. Sometimes even simply dies and terminates/blocks all traffic. Its a very good firewall for normal web usage,but for any kind of P2P,it simply sucks. Even if you get High ID connection you get 2x less sources then with other firewalls.
Title: Re:Dual layer firewall system :)
Post by: lee20 on September 03, 2004, 03:37:40 PM
I used my mates old ZA v4.5 with Winmx and it worked fine, mabey you were doing something wrong?

Or was you using that junk they call Kazza?

--lee
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 03, 2004, 03:54:12 PM
One word. Emule. WinMX doesn't nearly close use such massive number of connections as eMule does.
Title: Re:Dual layer firewall system :)
Post by: lee20 on September 03, 2004, 03:58:37 PM
Why not switch to winmx then? , i find there are less viruses and so with it anyway (compred to DC++ and Kazza i mean).

--lee
Title: Re:Dual layer firewall system :)
Post by: RejZoR on September 03, 2004, 06:23:05 PM
DC++ uses stupid share size limit and WinMX is mainly for music and its also not as good as LimeWire (they both work on the same network,Gnutella 1).
Kaaza is history for me. eMule is best balance of all P2P clients. You can get everything including some really ancient things like 10 years old games and music that everyone forget about it today...
Title: Re:Dual layer firewall system :)
Post by: lee20 on September 03, 2004, 08:00:26 PM
Well i only use p2p for music, so im fine with winmx, i don't download games becuase there easy to virus (you can tell if a music file has a virus by its size on winmx), also my mate (against my advise) downloaded norton 2002 pro from there and it was virused beyond reconition (like i said it would).

Kazza just puts spyware on you and so does DC++.

Winmx doesn't anless your stupid enough to download it.

But i have never used Limewire, i take it is is good?

--lee
Title: Re:Dual layer firewall system :)
Post by: bob3160 on September 03, 2004, 08:34:34 PM
That's why I mentioned Shareaza.
No adware or spyware.
Title: Re:Dual layer firewall system :)
Post by: Staind on September 04, 2004, 08:59:49 PM
Shareaza connects to eMule clients.